RE: Linux as a radius client


Subject: RE: Linux as a radius client
From: Mike Barsalou (mbarsalou@aidea.org)
Date: Wed Jul 03 2002 - 07:45:46 AKDT


You make a good point, however I still would like to know how to go about
it.

Mike

-----Original Message-----
From: James Bagley Jr. [mailto:james@thelostnet.net]
Sent: Tuesday, July 02, 2002 4:09 PM
To: Alaska Linux Users Group
Cc: Mike Barsalou
Subject: RE: Linux as a radius client

I hate to be one to state the obvious, but wouldn't samba's winbind
software work better if the ultimate goal is to authenticate to a windows
user database on a windows server? Why deal with radius when it's easier
to talk to the windows boxen using their native protocols?

On Tue, 2 Jul 2002, Christopher E. Brown wrote:

>
> On Tue, 2 Jul 2002, Mike Barsalou wrote:
>
> > Chris,
> >
> > I am trying to set up a Win2k box to be a radius server. I then want users
> > that log into the linux box to use that radius server to authenticate
> > against.
> >
> > Hopefully that clears it up.
> >
> > Mike
>
>
> Ahh, ok. I will leave the whole goodthing/badthing issue alone, I
> think my views on this are well known.
>
>
> You are looking for the pam radius module and its docs. You of course
> have to be using a Linux distro that uses PAM.
>
> A couple of things.
>
> Make sure your important system accounts are present locally (root
> authed via radius, BAD)
>
>
> Pay attention to the NT side of things, there will be interesting
> issues.
>
>
> Using RADIUS to auth particular services (POP3/IMAP, FTP, etc) is
> useful and handled via the individual daemons, doing system level
> auth via RADIUS/PAM for shell users has a lot of corner cases you can
> get caught in. Trying to do it against an NT user database (rather
> than just having the generated auth data reside on an NT based RADIUS
> server) can be fun, especially dealing with the different hash types
> used for passwd storage.
>
>
>
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
>

-- 
DON'T PANIC
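
Added example (not part of the original thread): a small Python model of a PAM auth stack that checks the advice above about keeping important accounts local, i.e. whether a login with a valid local password still works while the RADIUS server is unreachable. The two stacks are constructed samples, the control-flag handling is simplified (no bracket syntax or includes), and the function names are made up for illustration.

```python
# Added example: simplified model of a PAM "auth" stack (classic control flags only).
# Module outcomes are supplied by the caller; nothing is authenticated for real.

# Constructed sample stacks, in pam.d service-file syntax.
LOCAL_FIRST = """
auth  sufficient  pam_unix.so          # local accounts (root) checked first
auth  required    pam_radius_auth.so   # everyone else goes to RADIUS
"""
RADIUS_REQUIRED_FIRST = """
auth  required    pam_radius_auth.so
auth  required    pam_unix.so
"""

def parse_auth_stack(text):
    """Return [(control, module)] for the auth lines of a pam.d-style file."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == "auth":
            stack.append((fields[1], fields[2]))
    return stack

def evaluate(stack, outcomes):
    """Walk the stack; outcomes maps module name -> True/False (missing = failure)."""
    required_failed = False
    any_success = False
    for control, module in stack:
        if control not in ("required", "requisite", "sufficient", "optional"):
            raise ValueError("unsupported control flag: " + control)
        ok = outcomes.get(module, False)
        any_success = any_success or ok
        if not ok and control == "requisite":
            return False                  # fail immediately
        if not ok and control == "required":
            required_failed = True        # fail, but keep walking the stack
        if ok and control == "sufficient" and not required_failed:
            return True                   # success ends the stack early
    return any_success and not required_failed

def local_login_survives_radius_outage(stack):
    """Can an account with a valid local password log in while RADIUS is unreachable?"""
    return evaluate(stack, {"pam_unix.so": True, "pam_radius_auth.so": False})

if __name__ == "__main__":
    for name, text in (("LOCAL_FIRST", LOCAL_FIRST),
                       ("RADIUS_REQUIRED_FIRST", RADIUS_REQUIRED_FIRST)):
        print(name, local_login_survives_radius_outage(parse_auth_stack(text)))
```

With RADIUS listed first as `required`, a RADIUS outage locks out every account, root included; with the local check first as `sufficient`, local accounts keep working.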




This archive was generated by hypermail 2a23 : Wed Jul 03 2002 - 07:47:38 AKDT